Monday, 16 September 2013

CHMOD stands for "Change Mode" and it is the Linux command which is used to change the access permissions of files and directories. In Linux/UNIX, the concept of user (owner) and group is very fundamental, as everybody wants things he uses to be kept secure and properly organized. That is why every file and directory has an owner and a group associated with it and they have different permissions to access that particular file.

Owner permissions: They determine what operations the owner of the file can execute on the file.

Group permissions: They determine what operations a user belonging to the group associated with that file can execute on the file.

Other permissions: They indicate what operations all other users can execute on the file.

So, there are Three basic file/directory operations that a user/group/other users can perform on the files and directories.

Read (r): Permission to read the contents of the file/directory. In case of directories, a person can view all the files and sub-directories belonging to the directory.

Write (w): Permission to modify the contents of the file/directory. In case of directories, a person can create a file or sub-directory in that directory.

Execute (x): Permission to execute a file as a script/program. Executing a directory! Well, it does not make any sense. In case of directories, a person can enter that directory. In order to use ls and cd commands in /bin directory, a user should have Execute permissions.

CHMOD assigns numeric values to the Read, Write and Execute permissions which are as follows:

Read : 4

Write : 2

Execute : 1

So, the permissions associated with any file/directory in Linux have a 3x3 format i.e. Three types of permissions (Read, Write and Execute) that are available for three types of users (Owner, Group and Other).

To observe this, just enter ls –l command that displays 9 characters for every file/directory representing the permissions for all the three types of users.

For Example:

In above output,

Owner (mandar) has Read + Write + Execute permissions.

Group has Read permissions.

Others have Read permissions.

Changing File/Directory Permissions with CHMOD

To change the permissions associated with files and directories, you may either use Octal Representation (using numeric) or Symbolic Representation (using alphabets). We will restrict this part of our discussion up to the use of octal representation for changing files and directories permissions.

So, in octal representation of the permissions:

First digit is for Owner

Second digit is for Group

Third digit is for Others

As an example, we have seen in our one of the previous articles- Getting Started with Linux Shell Scripting Language, we have used a command as chmod 744 helloworld.sh. Indirectly, we have given Read + Write + Execute (4+2+1) permissions to the Owner, Read (4) permission to the group and Read (4) permission to the others.

Now, if we wish to give Read + Write (4+2) permissions to the owner, Read (4) permissions to the group and others, then we need to enter following command:

chmod 644 <file_name>

Another example, to give Read + Execute permission (4 + 1 = 5) to user and no permission (0) to group, and Write (2) permission to others, enter following command:

chmod 502 <file_name>

What is UMASK..?

UMASK, along with default permission of file/directory, is responsible for determining the final value of the default permission of a file/directory. The default permission for a file is 777 and for a directory, it is 666. From these default permissions, the umask value is subtracted to get the final default permission for newly created files or directory. The default value of umask is 022.

Final default permissions for file and directories are determined as follows:

Default file permission: 666

Default directory permission: 777

Default umask : 022

Final default file permission: 644

Final default directory permission: 755

You may change the umask to an appropriate value based on your purpose. For example, if you wish no one but the owner can do anything with the file/directory then you can set umask as 0077.

umask 0077

After this action, when you make a new file/directory, the permissions associated with them will be as shown below:

Symbolic Representation

The symbolic representation used for three different types of users is as follows:

u is used for user/owner

g us used for group

o is used for others

Usage of Symbolic Representation

1. Adding Single Permission

To change single permission of a specific set of users (owner, group or others), we can use '+' symbol to add a permission.

Syntax:chmod <user>+<permission> <file_name>

Example:chmod u+x my_file

Using above command, we can add Execute permission to the owner of the file.

2. Adding Multiple Permissions

This is similar to command explained above, you just need to separate those multiple permissions with a comma (,).

Syntax:chmod <user>+<permission>,<user>+<permission> <file_name>

Example:chmod g+x,o+x my_file

Using above command, we can add Execute permissions to the group and other users of the file.

3. Removing a Permission

Removing a permission is as easy as adding a permission, just remember to use '-' symbol instead of '+'.

Syntax:chmod <user>-<permission> <file_name>

Example:chmod o-x my_file

Above command removes Execute permission from the other users of the file.

4. Making the Changes for All

In case we add or remove some permissions for all the users (owner, group and others), we can use a notation 'a' which denotes "All users".

Syntax:chmod a<+ or -><permission> <file_name>

Example:chmod a+x my_file

Above command will add Execute permission to all the users.

5. Copying the Permissions

If we wish to make permissions of two files/directories same, we can do it using reference option. Consider that, we want to apply permissions of myfile1 to some other file called myfile2, then use following command:

Example:chmod --reference=myfile1 myfile2

6. Applying Changes to All the Content of a Directory

If we want to apply some specific changes to all the files inside a directory, we can make use of option -R denoting that the operation is recursive.

Syntax:chmod -R <directory_name>/

That's enough for this article. In this article, I tried to cover the basics of files and directory permissions and the fundamental use of CHMOD command that helps us change those permissions associated with files and directories. Please feel free to comment for the feedback. Stay tuned for some more interesting articles.

4 comments:

How do I change the Permissions of a USB Drive Directory 'Chapters' and the Directory 'Chapters' on my laptop to be identical?I want all files to be able to be Created and Edited on all of my laptops.File Permissions should be 777?